Microsoft identity platform Microsoft identity platform The rest

  • Slides: 36
Download presentation

Microsoft identity platform

Microsoft identity platform

Microsoft identity platform

Microsoft identity platform

The rest comes automatically, with no extra code: single sign on, token management, passwordless,

The rest comes automatically, with no extra code: single sign on, token management, passwordless, conditional access

THANK YOU

THANK YOU

Advanced scenarios

Advanced scenarios

Advanced scenarios

Advanced scenarios

Scopes define your app’s range of operation against a particular set of cloud APIs

Scopes define your app’s range of operation against a particular set of cloud APIs Consent is a data access contract between the developer and the user or IT admin

Request the minimum permissions necessary for your app to run Use delegated permissions

Request the minimum permissions necessary for your app to run Use delegated permissions for where a user signs in Consider incremental consent for scopes the require user's approval Declare scopes statically for apps that require admin approval Consent best practices: https: //aka. ms/Identity. Platform. Checklist

Advanced scenarios

Advanced scenarios

Always try the silent token acquisition before attempting interactive token acquisition! try await catch

Always try the silent token acquisition before attempting interactive token acquisition! try await catch await

Build your solutions by using libraries (MSAL, . NET middleware) • Clients don’t inspect

Build your solutions by using libraries (MSAL, . NET middleware) • Clients don’t inspect access tokens (only for intended API) • Don’t store login names and passwords. Use MSAL/B 2 C • Apps shouldn’t handle raw passwords (avoid ROPC) • Security best practices: https: //aka. ms/Identity. Platform. Checklist

Write your new apps using MSAL • Update ADAL apps to the latest ADAL

Write your new apps using MSAL • Update ADAL apps to the latest ADAL • Update your ADAL apps to MSAL at your pace •

Advanced scenarios

Advanced scenarios

Releases & roadmap

Releases & roadmap

Generally available in Azure portal: http: //aka. ms/App. Registrations Targeting GA of app API

Generally available in Azure portal: http: //aka. ms/App. Registrations Targeting GA of app API in Microsoft Graph by Ignite 2019

EV IEW PR GA GA

EV IEW PR GA GA

Microsoft products are betting on Microsoft identity platform: • Visual Studio 16. 1 Preview,

Microsoft products are betting on Microsoft identity platform: • Visual Studio 16. 1 Preview, and Azure dev tools— • Authenticator, Graph explorer—used in our demo! • Microsoft APIs (e. g. Microsoft Advertising, Microsoft Graph) Build your next app on Microsoft identity platform!

Apple, the Apple logo, i. Phone, and i. Pad are trademarks of Apple Inc.

Apple, the Apple logo, i. Phone, and i. Pad are trademarks of Apple Inc. , registered in the U. S. and other countries and regions.

Get started here: aka. ms/Identity. Platform Public office hours: aka. ms/Identity. Office. Hours Ask

Get started here: aka. ms/Identity. Platform Public office hours: aka. ms/Identity. Office. Hours Ask a question: stackoverflow. com/questions/tagged/microsoft-identity-platform

THANK YOU

THANK YOU

https: //mybuild. microsoft. com

https: //mybuild. microsoft. com

Thank you for attending Build 2019

Thank you for attending Build 2019